package com.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;

import com.model.CFUser;
import com.service.BranchService;
import com.service.UserService;

@Controller
public class LoginController {
	@Autowired
	private UserService userService;
	@Autowired
	private BranchService branchService;
	@Autowired
	private UserService userDao;
	
	@RequestMapping(value="/login", method=RequestMethod.GET)
	public String loginForm(HttpServletRequest request){
				return "login";
	}
	@RequestMapping(value="/admin/registerUser", method=RequestMethod.GET)
	public String registerUser(ModelMap model,@ModelAttribute("command") CFUser cfuser){
		model.put("branches", branchService.getBranchName());
		return "registerUser";
	}

	@RequestMapping(value = "/admin/registerUser", method = RequestMethod.POST)
	public String registerUser(@ModelAttribute("command") CFUser cfuser) {
		userService.addUser(cfuser);
		return "registerUser";
	}

	@RequestMapping(value="/error-login", method=RequestMethod.GET)
	public String invalidLogin() {
		return "error";
	}
	@RequestMapping(value="/logout", method=RequestMethod.GET)
	public ModelAndView logout(HttpServletRequest request) {
		HttpSession session= request.getSession(false);
		Object o=session!=null? session.getAttribute("username"):null;
		if(o!=null && !o.toString().equals(""))
			session.invalidate();
		return new ModelAndView("logout");
	}
	@RequestMapping(value="/user/userHome", method=RequestMethod.GET)
	public String userHome(Authentication auth,HttpServletRequest request){
		setSession(auth,request);
		return "redirect:/user/addMember.htm";
	}
	@RequestMapping(value="/admin/adminHome", method=RequestMethod.GET)
	public String adminHome(Authentication auth,HttpServletRequest request){
		setSession(auth,request);
	return "redirect:/admin/addBranch.htm";
	}
	@RequestMapping(value="/invalidSession", method=RequestMethod.GET)
	public String invalidSession() {
		return "invalidSession";
	}
	@RequestMapping(value="/sessionExpired", method=RequestMethod.GET)
	public String sessionExpired() {
		return "sessionExpired";
	}

	 private void setSession(Authentication auth,HttpServletRequest request){
	    	HttpSession session= request.getSession(true);
			String username = auth.getName();
			CFUser u = userDao.findUserByUserName(username);
			session.setAttribute("username", username);
			session.setAttribute("branch", u.getBranchName());
			session.setAttribute("role", u.getGrantedAuthority());
		}

}
